Duqu (W32.Duqu)

Duqu is a remote access Trojan (RAT) that is designed to steal data from computers it infects.

Duqu is a remote access Trojan (RAT) that steals data from computers it infects. Duqu has been targeted at industrial equipment manufacturers, illegally collecting information about the manufacturer’s systems and other proprietary data.

The Duqu Trojan contains some of the same source code used by the Stuxnet Trojan, which was designed to disrupt industrial processes. Duqu and Stuxnet use a similar kernel driver to decrypt and load encrypted dynamic load library (DLL) files, enabling the Trojan to inject itself into system processes.

Some security researchers believe that Duqu could be a precursor for attacks against supervisory control and data acquisition (SCADA) systems. SCADA systems are used in infrastructure services such as gas, electric, water and sewer. 

Duqu was discovered by the Laboratory of Cryptography and Systems Security (CrySys) at Budapest University.

This was first published in November 2011

Continue Reading About Duqu (W32.Duqu)

Glossary

'Duqu (W32.Duqu)' is part of the:

View All Definitions

Dig deeper on Emerging Information Security Threats

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close